CYBER NEWS

Você faria uma selfie para um cavalo de Troia Acecard Android?

pexels-photo-175729

The Acecard Android Trojan has been around for quite some time. We wrote about Acecard in February this year, but in fact the malware has been attacking devices since 2014, when it was first detected. Back in February,
the Trojan was specifically targeting multiple banks.

relacionado: Acecard, Trojan Android e ferramenta Phishing metas ao longo 30 bancos

Acecard is currently being deployed in new attacks, and that’s quite unfortunate considering that it’s one of the worst Android malware pieces today.

Acecard’s Latest Campaign Targets Users in Singapore and Hong Kong

Pelo visto, the latest version of the malware is hidden inside different apps masqueraded as Adobe Flash Player, pornographic apps, and video codecs, McAfee researchers relatório. The apps are distributed outside of Google Play Store and are persistently annoying users with permission requirement screens until admin rights are achieved.

As soon as the malicious app is executed by the user, it hides the icon from the home launcher and constantly asks for device administrator privileges to make its removal difficult.

When it is running in the background, the malware constantly monitors the opening of specific apps to show the user its main phishing overlay, pretending to be Google Play and asking for a credit card number.

Once the credit card number is validated, the next phishing overlay asks for more personal and credit card information such as cardholder name, data de nascimento, número de telefone, credit card expiration date, and CCV.

Finalmente, Acecard will prompt the user to take a picture of the front and back side of his ID card. Então, the user is asked to hold the ID in his hand and take a selfie. Por que isso é feito?

[Isto é] very useful for a cybercriminal to confirm a victim’s identity and access not only to banking accounts, but probably also even social networks.

Thanks to this smart but quite vicious tactic the attacker can verify illegal transactions or even confirm he’s the owner of hijacker social media profiles. No wonder that the Trojan also collects credentials for social media apps like Facebook, Whatsapp, WeChat, Viber, and other apps like Dropbox and Google Videos.

The updated Trojan is mostly successful with less tech-savvy users that haven’t used smartphones and aren’t aware of the normal behavior of an app.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerenciador de conteúdo que foi com SensorsTechForum desde o início. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...